A computer system may be configured to access a physical device, such as a solid state storage device (SSD) or a hard disk drive (HDD), through a device interface, such as a universal serial bus (USB) interface or a serial ATA (SATA) interface.
It may be desirable to limit access to a physical device to selected computer systems.
A host processor environment of a computer system may not be trusted to provide identification information.
The computer system may include a secure management system to perform management operations outside of the host processor environment. The management system may correspond to an Intel® Active Management Technology (AMT) system developed by Intel Corporation, of Santa Clara, Calif. The management system may include a management system interface to communicate with the host processor environment. The management system interface may not be directly accessible to a physical device used by the host processor, and an indirect path between the management system interface and the device may be vulnerable to a man-in-the-middle (MIM) attack.
Network-based authentication protocols have been developed to permit a client computer system to authenticate a server computer system over a network such as the Internet. Network-based authentication protocols include a secure sockets layer (SSL) protocol and a transport layer security (TLS) protocol. A network-based authentication protocol may use a certificate in conformance with an X.509 standard, promulgated under the coordination of the Telecommunication Standardization Sector (ITU-T), based in Geneva, Switzerland, on behalf of the International Telecommunication Union (ITU).
In the drawings, the leftmost digit(s) of a reference number identifies the drawing in which the reference number first appears.